Scan a GitHub or GitLab repository for security issues before installing it as a skill, tool, or MCP server. Use when the user wants to check, vet, scan, or review a repository for safety before installation. Detects hardcoded secrets, known CVEs, supply chain risks, and build provenance.

famclaw0

보안

Security

Load when reviewing security vulnerabilities, injection risks, authentication issues, or OWASP compliance. Provides security audit patterns and common vulnerability fixes.

falke-ai-circuit0

보안

Api Security Testing

API security testing workflow for REST and GraphQL APIs covering authentication, authorization, rate limiting, input validation, and security best practices.

fakhrelaziz4582-spec0

보안

Api Security Best Practices

Implement secure API design patterns including authentication, authorization, input validation, rate limiting, and protection against common API vulnerabilities.

fakhrelaziz4582-spec0

보안

007

Security audit, hardening, threat modeling (STRIDE/PASTA), Red/Blue Team, OWASP checks, code review, incident response, and infrastructure security.

fakhrelaziz4582-spec0

보안

Skyclaw Purple Team Auditor v2.1

Auditoría de seguridad enterprise con análisis estático (AST), mapeo de fronteras de confianza, y detección de vulnerabilidades (SQLi, XSS, Prompt Injection, RCE). Integra marco metacognitivo de 7 fases, vector store local para patrones de vulnerabilidad, HITL para hallazgos críticos, y audit trails inmutables. Cumple NIST CSF 2.0, ISO 42001, ISO 27001, EU AI Act. Ejecución 100% local en WSL2 con soberanía de datos. Usar cuando se solicite revisión de seguridad, compliance, o análisis de código antes de deployment. No usar para formateo de código general.

FacundoSu19860

스마트 컨트랙트

Input & Arithmetic Safety

Detects input validation failures and arithmetic vulnerabilities in smart contracts. Covers missing zero-address and zero-amount checks, division-before-multiplication precision loss, rounding direction exploitation, ERC4626 vault share inflation attacks, unsafe integer casting, dust amount exploitation, and Solidity 0.8+ unchecked block edge cases. Use when auditing contracts with fee calculations, share pricing, exchange rates, unchecked blocks, or any public-facing functions that accept user input.

dajneem230

스마트 컨트랙트

External Call Safety

Detects unsafe external call patterns and token integration vulnerabilities in smart contracts. Covers unchecked call/delegatecall/staticcall return values, fee-on-transfer tokens, rebasing tokens, tokens with missing return values (USDT), ERC-777 callback risks, unsafe approve race conditions, return data bombs, gas stipend limitations, and push vs pull payment patterns. Use when auditing contracts that interact with external contracts, integrate arbitrary ERC20 tokens, distribute payments, or make low-level calls.

dajneem230

스마트 컨트랙트

Reentrancy Pattern Analysis

Systematically detects all reentrancy vulnerability variants in smart contracts — classic, cross-function, cross-contract, and read-only reentrancy. Builds call graphs, verifies CEI (Checks-Effects-Interactions) pattern compliance, traces state changes relative to external calls, and identifies callback vectors through ERC-777/ERC-1155 hooks. Use when auditing contracts that make external calls, transfer ETH or tokens, interact with callback-enabled standards, or have complex multi-contract architectures.

dajneem230

보안

Agent Security

Senior security engineer agent — threat modeling, RLS review, SAST/SCA/secrets scanning, auth hardening, multi-tenant isolation, LGPD. Poder de veto em deploys sensiveis. Invocado pelo Conductor.

fabiomilennials1234-a11y0

머신러닝

Gsd Secure Phase

Retroactively verify threat mitigations for a completed phase

fabiolk000

보안

Security Review Skill

Defend before attackers find the gaps.

정보 보안 분석가

정보 보안 분석가

Honeybadger

Security

Api Security Testing

Api Security Best Practices

007

Skyclaw Purple Team Auditor v2.1

Input & Arithmetic Safety

External Call Safety

Reentrancy Pattern Analysis

Agent Security

Gsd Secure Phase

Security Review Skill

Microsoft Secure Future Initiative Sfi Skill

Security Review

Privacy Responsible Ai

Distribution Security

Secrets Management

Pii Privacy Regulations Skill

Microsoft Secure Future Initiative Sfi Skill

Distribution Security

Security Review

Secrets Management

Distribution Security

Content Safety Implementation

Secrets Management

Distribution Security

Distribution Security

Security Review Skill

Secrets Management

Privacy Responsible Ai Skill